package com.nari.kmd_dataservice.interceptor;

import com.nari.kmd_dataservice.constant.ConstantParameter;
import com.nari.kmd_dataservice.constant.GlobalVariable;
import com.nari.kmd_dataservice.util.NetworkUtil;
import com.nari.kmd_dataservice.util.SM3;
import com.nari.kmd_dataservice.util.SM4;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
 * @ClassName: RequestFilter
 * @Description: 请求过滤
 * @Author: zhangnaijiang
 * @Date: 2022/01/22 03:46
 * @Version 1.0.0
 */
@Component
@Slf4j
public class RequestFilter implements Filter {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String ip = NetworkUtil.getIpAddress(httpServletRequest);
        String requestURI = httpServletRequest.getRequestURI();
        String sign = httpServletRequest.getHeader("sign");
        RequestWrapper requestWrapper = new RequestWrapper(httpServletRequest);
        String body = requestWrapper.getBody();
        log.info("请求{}:{},sign:{},body:{}",ip,requestURI,sign, body);
        if(!"/server/test".equals(requestURI) && GlobalVariable.checkSM3){
            String sm3sign = SM3.encrypt(body);
            if(sign==null || !sm3sign.equalsIgnoreCase(sign)){
                log.error("sm3校验失败，{}<->{}",sign, sm3sign);
                AuthenticationInterceptor.errorHandle(requestURI, (HttpServletResponse)servletResponse, "02", "sm3校验失败");
                return;
            }
        }
        if("/server/test".equals(requestURI) || !GlobalVariable.checkSM4){
//            filterChain.doFilter(servletRequest, servletResponse);
            requestWrapper = new RequestWrapper(httpServletRequest, body);
            try {
                filterChain.doFilter(requestWrapper, servletResponse);
            }catch (Exception e){
                log.error("处理异常", e);
                AuthenticationInterceptor.errorHandle(requestURI, (HttpServletResponse)servletResponse, "02", "处理异常");
                return;
            }
            return;
        }
        if(sign==null){
            log.error("没有sign");
            AuthenticationInterceptor.errorHandle(requestURI, (HttpServletResponse)servletResponse, "02", "没有sign");
            return;
        }
        List<String> noTokenRequestURIList = new ArrayList<>(Arrays.asList("/server/laRegister", "/server/targetVerify"));
        if(!noTokenRequestURIList.contains(requestURI)){
            String token = httpServletRequest.getHeader("token");
            if(token==null){
                log.error("没有token");
                AuthenticationInterceptor.errorHandle(requestURI, (HttpServletResponse)servletResponse, "02", "没有token");
                return;
            }
        }
        String decryptBody;
        try{
            decryptBody = SM4.decryptEcb(ConstantParameter.localSM4Key, body);
            log.info("密文请求{}:{},参数解密:{}",ip,requestURI,decryptBody);
        }catch (Exception e){
            log.error("解密异常", e);
            AuthenticationInterceptor.errorHandle(requestURI, (HttpServletResponse)servletResponse, "02", "解密异常");
            return;
        }
        requestWrapper = new RequestWrapper(httpServletRequest, decryptBody);
        try {
            filterChain.doFilter(requestWrapper, servletResponse);
        }catch (Exception e){
            log.error("处理异常", e);
            AuthenticationInterceptor.errorHandle(requestURI, (HttpServletResponse)servletResponse, "02", "处理异常");
            return;
        }
    }
}
